3.2 KiB
SKS OpenPGP keyserver docker on Alpine Linux
(c) 2017 Óscar García Amor
Redistribution, modifications and pull requests are welcomed under the terms of GPLv3 license.
SKS is an OpenPGP keyserver whose goal is to provide easy to deploy, decentralized, and highly reliable synchronization. That means that a key submitted to one SKS server will quickly be distributed to all key servers, and even wildly out-of-date servers, or servers that experience spotty connectivity, can fully synchronize with rest of the system.
This docker packages SKS, under Alpine Linux, a lightweight Linux distribution.
Visit Docker Hub to see all available tags.
Run
To run this container exposing SKS and mounting a permanent volume for sks
data in /docker/sks
, run.
/usr/bin/docker run --rm \
--network host \
--name sks \
-e "SKS_SERVER_CONTACT=YOUR_OPENPGP_KEYID" \
-v /docker/sks:/var/lib/sks \
connectical/sks
Take note that if you dont have a valid SKS database, the server will not run. Please, take a look to dump documentation and SKS Readme for more info.
Executing commands
If you need execute a SKS command, for example sks_build.sh
for buld
database, simply call docker with desired command.
/usr/bin/docker run -t -i --rm \
-v /docker/sks:/var/lib/sks \
connectical/sks sks_build.sh
Take note that if you pass paths to command, these paths will refer to inside of docker.
Configuration via docker variables
The run.sh
script that lauchs SKS use the following environment variables
to modify the config file (you can refer to SKS man page to know more
about this settings).
Variable | Default value |
---|---|
SKS_HOSTNAME | localhost |
SKS_RECON_ADDR | 0.0.0.0 |
SKS_RECON_PORT | 11370 |
SKS_HKP_ADRESS | 0.0.0.0 |
SKS_HKP_PORT | 11371 |
SKS_SERVER_CONTACT | |
SKS_NODENAME | keys |
The config file have more options, you can edit them directly, the run.sh
script only touch those mentioned above.
Run with systemd
If you want run this image with systemd you can use the following unit.
[Unit]
Description=SKS OpenPGP keyserver container
Requires=docker.service
After=docker.service
[Service]
ExecStartPre=-/usr/bin/docker kill sks
ExecStartPre=-/usr/bin/docker rm sks
ExecStartPre=/usr/bin/docker pull connectical/sks:VERSION_TAG
ExecStart=/usr/bin/docker run \
--network host \
--name sks \
-v /docker/sks:/var/lib/sks \
-e "SKS_HOSTNAME=your.host.example.com" \
-e "SKS_RECON_ADDR=0.0.0.0" \
-e "SKS_RECON_PORT=11370" \
-e "SKS_HKP_ADRESS=0.0.0.0" \
-e "SKS_HKP_PORT=11371" \
-e "SKS_SERVER_CONTACT=YOUR_OPENPGP_KEYID" \
-e "SKS_NODENAME=keys" \
connectical/sks:VERSION_TAG
ExecStop=/usr/bin/docker stop -t 2 sks
Restart=always
[Install]
WantedBy=multi-user.target